Marienplatz (city centre)
The English Garden
Chinese Tower (famous beer garden)
The Computer Science building of the TUM
The main hall in the CS-building
The Isar river
The conference poster
|
SPEAKER: David Basin
TITLE: Let's get physical: models and methods for real-world security
protocols
(Joint work with Patrick Schaller, Benedikt Schmidt, and Srdjan Capkun)
Traditional security protocols are mainly concerned with key establishment and
principal authentication, and rely on predistributed keys and properties of
cryptographic operators. In contrast, new application areas are emerging that
establish and rely on properties of the physical world. Examples include
secure localization, distance bounding, and device pairing protocols.
We present a formal model extending standard, inductive, trace-based, symbolic
approaches in two directions. In terms of communication, we refine the
standard Dolev-Yao model to account for network topology, transmission delays,
and node positions. This results in a distributed intruder with restricted,
but more realistic, communication capabilities. On the level of messages, we
use an abstract message theory to establish facts independent of the concrete
protocol and message theory. To analyse the security of a given protocol, we
instantiate the abstract message theory so that properties of the
cryptographic operators under consideration are accurately modeled. We
describe the formalization of this model in Isabelle/HOL and present its
application to a distance bounding protocol, where the concrete message theory
includes exclusive-or and its associated equational theory.
|